﻿using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.IdentityModel.JsonWebTokens;
using Microsoft.IdentityModel.Tokens;
using System.IdentityModel.Tokens.Jwt;

namespace Luka;

/// <summary>
/// JwtBearer 加密解密服务
/// </summary>
public interface IJwtBearerService
{
    /// <summary>
    /// 生成 Token
    /// </summary>
    /// <param name="payload"></param>
    /// <param name="expiredTime">过期时间（分钟）</param>
    /// <returns></returns>
    string GenerateToken(IDictionary<string, object> payload, long? expiredTime = null);

    /// <summary>
    /// 生成刷新 Token
    /// </summary>
    /// <param name="accessToken"></param>
    /// <returns></returns>
    string GenerateRefreshToken(string accessToken);

    /// <summary>
    /// 通过过期Token 和 刷新Token 换取新的 Token
    /// </summary>
    /// <param name="httpContext"></param>
    /// <param name="expiredToken"></param>
    /// <param name="refreshToken"></param>
    /// <param name="expiredTime">过期时间（分钟）</param>
    /// <param name="clockSkew">刷新token容差值，秒做单位</param>
    /// <returns></returns>
    string? Exchange(HttpContext httpContext, string expiredToken, string refreshToken, long? expiredTime = null);

    /// <summary>
    /// 自动刷新 Token 信息
    /// </summary>
    /// <returns></returns>
    bool AutoRefreshToken(AuthorizationHandlerContext context, HttpContext httpContext, long? expiredTime = null, string tokenPrefix = "Bearer ");

    /// <summary>
    /// 验证 Token
    /// </summary>
    (bool IsValid, JsonWebToken? Token, TokenValidationResult? validationResult) Validate(string accessToken);

    /// <summary>
    /// 验证 Token
    /// </summary>
    bool ValidateJwtBearerToken(DefaultHttpContext httpContext, out JsonWebToken? token, string headerKey = "Authorization", string tokenPrefix = "Bearer ");

    /// <summary>
    /// 读取 Token，不含验证
    /// </summary>
    JsonWebToken? ReadJwtToken(string accessToken);

    /// <summary>
    /// 读取 Token，不含验证
    /// </summary>
    JwtSecurityToken SecurityReadJwtToken(string accessToken);

    /// <summary>
    /// 获取 JWT Bearer Token
    /// </summary>
    string? GetJwtBearerToken(HttpContext httpContext, string headerKey = "Authorization", string tokenPrefix = "Bearer ");

    /// <summary>
    /// 生成Token验证参数
    /// </summary>
    TokenValidationParameters CreateTokenValidationParameters(JwtSettiing jwtSettings);
}